Tiny Core Base > TCB Q&A Forum

looking for suggestions as to how to prevent escalation to root in ssh

(1/1)

bigpcman:
Can someone suggest a simple way to prevent a remote ssh login (to the dropbear ssh server) from escalating to root without a password. I thought simply changing the sudoer for tc to "require a password" would do the trick but that screws up the tc x environment and of course gives up the convenience of sudo su. Any advice?

curaga:
Create a separate user, and don't give root or tc user passwords out. That separate user can have sudo with password, or no sudo right at all.

bigpcman:

--- Quote from: curaga on February 12, 2009, 09:43:05 AM ---Create a separate user, and don't give root or tc user passwords out. That separate user can have sudo with password, or no sudo right at all.

--- End quote ---
Silly me, I didn't realize tinycore had multiple user support. I thought the default tinycore configuration was like the frugal dsl linux version which from what I recall did not have full multi-user support. I know - I should have just tried it.

curaga:
Well, TC does not have local multiuser, but via SSH things work fine.

Navigation

[0] Message Index